﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Security;
using System.Data.SqlClient;

namespace John
{
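    /// <summary>
    /// Code-behind for the login pop-up page: checks the submitted user name and
    /// password against the <c>Muser</c> table and, on success, records the user
    /// name in the session.
    /// </summary>
    public partial class LoginPopUp : System.Web.UI.Page
    {
        /// <summary>
        /// Marks the response as buffered and already expired so that the login
        /// page is not served from a cache.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            Response.Buffer = true;
            Response.ExpiresAbsolute = DateTime.Now.AddSeconds(-1);
            Response.Expires = 0;
            Response.CacheControl = "no-cache";
        }

        /// <summary>
        /// Checks whether the user name and password match a row in <c>Muser</c>.
        /// </summary>
        /// <param name="userName">User name as submitted (untrusted input).</param>
        /// <param name="strPassword">Clear-text password; it is hashed before the lookup.</param>
        /// <returns><c>true</c> when a row with this name and password hash exists.</returns>
        private bool CheckUser(string userName, string strPassword)
        {
            // NOTE(review): unsalted MD5 is not a suitable password hash, and
            // HashPasswordForStoringInConfigFile is obsolete. It is kept here because
            // the stored pws values were presumably produced the same way; moving to
            // PBKDF2 needs a migration of the stored hashes.
            strPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(strPassword, "MD5");

            // The query is assembled as text because the only DBConn entry point visible
            // in this file takes a finished SQL string. Doubling single quotes keeps both
            // values inside their string literals, so a quote in the user name can no
            // longer end the literal and change the statement.
            // NOTE(review): a parameterized SqlCommand is the proper fix; switch to it
            // once DBConn exposes a way to pass parameters. If CleanString.htmlInputText
            // already doubles quotes, this would escape twice - confirm.
            string safeName = (userName ?? string.Empty).Replace("'", "''");
            string safeHash = (strPassword ?? string.Empty).Replace("'", "''");
            string mySql = "select hyname,pws from Muser where hyname='" + safeName + "' and pws='" + safeHash + "'";

            DBConn myDB = new DBConn();
            try
            {
                SqlDataReader mydr = myDB.getDataReader(mySql);
                try
                {
                    // Any returned row means the name/hash pair exists.
                    return mydr.Read();
                }
                finally
                {
                    // Release the reader even when Read() throws.
                    if (mydr != null)
                    {
                        mydr.Close();
                    }
                }
            }
            finally
            {
                // Always release the connection, including on a failed query.
                myDB.Close();
            }
        }

        /// <summary>
        /// Login button handler: validates the submitted credentials and either
        /// stores the user name in the session or reports a failed login.
        /// </summary>
        protected void Button1_Click(object sender, EventArgs e)
        {
            // NOTE(review): the password also goes through CleanString.htmlInputText and
            // Trim() before hashing. That changes what is hashed, so it has to stay in
            // step with however the stored hashes were created - confirm.
            string name = CleanString.htmlInputText(username.Value.Trim());
            string strAdminPW = CleanString.htmlInputText(pws.Value.Trim());

            if (CheckUser(name, strAdminPW))
            {
                // NOTE(review): the session id that existed before login is reused here.
                // Issuing a fresh session id on successful login would prevent session
                // fixation.
                Session["name"] = name;

                //Response.Redirect("~/viste/default.aspx?name=" + name);
                //Response.Write("<script>history.go(-2);</script>");
            }
            else
            {
                // The same message is shown for an unknown user and a wrong password,
                // so the response does not reveal which one failed.
                // NOTE(review): failed attempts are neither logged nor throttled here.
                Response.Write("<script>alert('用户名/密码不正确!!!');</script>");
                Response.Write("<script>history.go(-1);</script>");
            }

        }
    }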
}